Vulnerability CVE-2019-13045: Information
Description
Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when SASL is enabled, has a use after free when sending SASL login to the server.
Severity: HIGH (8.1) Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
irssi | sisyphus | 1.2.2-alt1 | 1.2.2-alt1 | ALT-PU-2020-3468-1 | 263095 | Fixed |
irssi | p10 | 1.2.2-alt1 | 1.2.2-alt1 | ALT-PU-2020-3468-1 | 263095 | Fixed |
irssi | p9 | 1.2.2-alt1 | 1.2.2-alt1 | ALT-PU-2020-3488-1 | 263100 | Fixed |
irssi | c10f1 | 1.2.2-alt1 | 1.2.2-alt1 | ALT-PU-2020-3468-1 | 263095 | Fixed |
irssi | c9f2 | 1.2.2-alt1 | 1.2.2-alt1 | ALT-PU-2024-3802-3 | 342505 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://github.com/irssi/irssi/commit/d23b0d22cc611e43c88d99192a59f413f951a955 |
|
https://irssi.org/security/irssi_sa_2019_06.txt |
|
[oss-security] 20190629 Irssi 1.2.1/1.1.3/1.0.8: CVE-2019-13045 |
|
20190630 [slackware-security] irssi (SSA:2019-180-01) |
|
http://packetstormsecurity.com/files/153480/Slackware-Security-Advisory-irssi-Updates.html |
|
openSUSE-SU-2019:1690 |
|
108998 | |
USN-4046-1 | |
openSUSE-SU-2019:1894 |